General
-
Target
40e8963010c7811c279fad782ecc1c70_JaffaCakes118
-
Size
3.8MB
-
Sample
241013-t2vvvawdpd
-
MD5
40e8963010c7811c279fad782ecc1c70
-
SHA1
4e3a625f886d2f6bef2be8dd51e719e573097ccc
-
SHA256
1e37f50cd3c43f92f58313221f798dea93b0b2ec02c2a2d94d5b1fa695731614
-
SHA512
90c4563556657130b44726bba651f480f2b8f43da94b851eb0da01b6b930a86c9e81ff982701e381c3328d3e73078b1121d14a9130109d91e79f4fcc4dae5961
-
SSDEEP
98304:UTG7opu5hjKVswgXnUg1yNsJO7nP/Z7/EXZt5n8RwYvGz7:Yeopu5hjSgXnFy+J2nPdk0vGn
Static task
static1
Behavioral task
behavioral1
Sample
40e8963010c7811c279fad782ecc1c70_JaffaCakes118.apk
Resource
android-x86-arm-20240624-en
Malware Config
Targets
Target
40e8963010c7811c279fad782ecc1c70_JaffaCakes118
-
Score
8/10
-
Checks if the Android device is rooted.
-
Checks Android system properties for emulator presence.
-
Acquires the wake lock
-
Domain associated with commercial stalkerware software, includes indicators from echap.eu.org
-
Makes use of the framework's foreground persistence service
Application may abuse the framework's foreground service to continue running in the foreground.
-
Queries information about active data network
-
Queries information about the current Wi-Fi connection
Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.
-
Reads information about phone network operator.
-
MITRE ATT&CK Mobile v15
Persistence
Event Triggered Execution (1)
Broadcast Receivers (1)
Foreground Persistence (1)
Defense Evasion
Foreground Persistence (1)
Virtualization/Sandbox Evasion (3)
System Checks (3)